football2801/pictureFrame-webApp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f6321412aa13087ebab70f29449915fdb849f836
pictureFrame-webApp/bin/smoke.sh
T
football2801 9a5aa123c2
CI / test (push) Has been cancelled
Details
fix(smoke): drop the HEAD-on-mercure check that broke the round-trip 
Step 2 was doing `curl -sI .../mercure?topic=ping` to verify the hub was
reachable. Over HTTP/2, that HEAD against the SSE endpoint apparently
leaves a connection state on Caddy/Mercure that causes the next subscribe
from the same source to receive zero bytes — making step 6's round-trip
fail every time. Took a careful bisect to find: minimal script worked,
adding step 2 broke it 100%.

The hub-reachable check is redundant anyway: step 5's full publish→
subscribe round-trip is a stronger proof of life. Renumbered to 5 steps,
removed the also-not-using set-uo-pipefail commentary too.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 16:59:09 -04:00

93 lines
4.4 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Post-deploy smoke check. Runs against the live host and exits non-zero on
# anything obviously broken. Intentionally noisy so failures are easy to spot.
#
# Usage: bin/smoke.sh
#
# What it covers:
# 1. Frontend reachable (homepage HTTP code).
# 2. Container statuses on the host (none should be Restarting/Exited).
# 3. Recent CRITICAL / Fatal / 5xx entries in php + worker + nginx logs.
# 4. Authenticated /api/devices round-trip via the testbot account.
# 5. Mercure publish→subscribe round-trip via a no-op PATCH.
# (This implicitly proves the hub is reachable end-to-end — no separate
# "hub up" check, because a HEAD against the SSE endpoint over HTTP/2
# apparently leaves the connection in a state that breaks the next
# subscribe from the same source. Verified 2026-05-07.)
#
# Designed to fail fast — first red check exits 1.
# NOTE: deliberately NOT using `set -uo pipefail`. With pipefail in effect,
# the backgrounded SSE subscriber in step 5 sometimes gets killed before it
# receives data. Reproduces inside this script, not in interactive shell.
HOST="pictureframe.edholm.me"
SSH_HOST="pictureframe"
TESTBOT_EMAIL="testbot@example.com"
TESTBOT_PASS="testpass123"
RED="\033[31m"; GREEN="\033[32m"; RESET="\033[0m"
ok() { echo -e " ${GREEN}${RESET} $1"; }
fail() { echo -e " ${RED}${RESET} $1"; exit 1; }
echo "── 1/5 Frontend reachable ─────────────────────────────"
code=$(curl -sI -o /dev/null -w "%{http_code}" "https://$HOST/")
[ "$code" = "302" ] || [ "$code" = "200" ] || fail "homepage returned $code (expected 302 redirect to login)"
ok "homepage → $code"
echo "── 2/5 Container statuses ─────────────────────────────"
bad=$(ssh "$SSH_HOST" 'docker ps -a --filter name=pictureframe --format "{{.Names}}\t{{.Status}}"' \
| grep -viE "Up|healthy" || true)
if [ -n "$bad" ]; then
echo "$bad"
fail "one or more containers are not Up/healthy"
fi
ok "all pictureframe-* containers Up"
echo "── 3/5 No recent CRITICAL/5xx in logs ─────────────────"
hits=$(ssh "$SSH_HOST" '
for c in pictureframe-php-1 pictureframe-worker-1 pictureframe-nginx-1; do
docker logs --since 5m "$c" 2>&1 | grep -iE "CRITICAL|Fatal|\" 5[0-9][0-9] |Error thrown" | sed "s|^|$c: |";
done
' || true)
if [ -n "$hits" ]; then
echo "$hits" | head -10
fail "found error-level log entries in the last 5 minutes"
fi
ok "no CRITICAL/5xx in last 5 min"
echo "── 4/5 /api/devices round-trip (testbot) ─────────────"
JAR=$(mktemp)
trap 'rm -f "$JAR"' EXIT
csrf=$(curl -s -c "$JAR" "https://$HOST/login" | grep -oP 'name="_csrf_token"[^>]*value="\K[^"]+' | head -1)
[ -n "$csrf" ] || fail "could not extract CSRF token from /login"
login_code=$(curl -s -b "$JAR" -c "$JAR" -L -X POST "https://$HOST/login" \
--data-urlencode "_username=$TESTBOT_EMAIL" \
--data-urlencode "_password=$TESTBOT_PASS" \
--data-urlencode "_csrf_token=$csrf" \
-o /dev/null -w "%{http_code}")
[ "$login_code" = "200" ] || fail "login returned $login_code"
devices_json=$(curl -s -b "$JAR" "https://$HOST/api/devices")
echo "$devices_json" | grep -q '"id":' || fail "/api/devices did not return a JSON array with id fields: $devices_json"
ok "testbot login + /api/devices → device list with ids"
echo "── 5/5 Mercure publish→subscribe round-trip ──────────"
device_id=$(echo "$devices_json" | grep -oE '"id":[0-9]+' | head -1 | grep -oE '[0-9]+')
[ -n "$device_id" ] || fail "no device id available for round-trip test"
out=$(mktemp)
trap 'rm -f "$JAR" "$out"' EXIT
topic_url="https://$HOST/.well-known/mercure?topic=$(printf 'https://%s/devices/%s' "$HOST" "$device_id" | sed 's|:|%3A|g; s|/|%2F|g')"
timeout 8 curl -sN "$topic_url" > "$out" 2>&1 &
sub_pid=$!
sleep 2
patch_code=$(curl -s -b "$JAR" -X PATCH "https://$HOST/api/devices/$device_id" \
-H "Content-Type: application/json" -d '{"name":"smoke-check"}' \
-o /dev/null -w "%{http_code}")
[ "$patch_code" = "200" ] || fail "PATCH returned $patch_code"
wait "$sub_pid" 2>/dev/null || true
grep -q '"smoke-check"' "$out" || fail "publish did not arrive on the subscriber within 8s: $(cat "$out")"
ok "publish → subscribe round-trip OK"
echo
echo -e "${GREEN}all smoke checks passed${RESET}"
Reference in New Issue View Git Blame Copy Permalink